The Russian anti-virus firm Kaspersky Lab last week released a critical security vulnerability in the anti-virus software patched. Through the vulnerability an attacker could completely take over the system without users here had to do something. The leak was discovered by Tavis Ormandy.
Ormandy works for Google, but also carries out research in its own right. According to the researcher, who also critical vulnerabilities in anti-virus software from ESET and Sophos discovered, the problem arose in the default configuration. Ormandy called the leak as bad as it can be. Through the vulnerability an attacker could execute code with system privileges ie, without user interaction.
Where exactly the problem was and how an attacker can use them was not disclosed. At first it was difficult, according to the researcher to a security contact at Kaspersky found. After being informed was the Russian virus fighter within 24 hours with an update that was rolled out to users, so let Ormandy on Twitter know.
No comments:
Post a Comment